security-review
Use when reviewing PRs for security, auditing code changes, or analyzing potential vulnerabilities. Security-focused code review with attack surface mapping and risk classification. Triggers on: "security review", "use security mode", "audit this", "check for vulnerabilities", "is this secure", "attack surface", "threat model", "security check". Read-only mode - identifies issues but doesn't fix them.
SKILL.md
"Assume the user is the attacker. Find where trust is misplaced."
| HIGH | Auth, crypto, external calls, value transfer, validation removal |
| MEDIUM | Business logic, state changes, new public APIs |
| LOW | Comments, tests, UI, logging |

| IDOR | User-controlled IDs without ownership check |
| Mass Assignment | Binding request body directly to models |
| SSRF | User-controlled URLs in server requests |
| Path Traversal | User input in file paths without sanitization |
| Race Condition | Check-then-use without locking |
| Insecure Deserialization | Deserializing untrusted data |
Facts (cite-ready)
Stable fields and commands for AI/search citations.
- Install command: npx skills add https://github.com/mcouthon/agents --skill security-review
- Source: mcouthon/agents
- Category: Security
- Verified: ✓
- First Seen: 2026-02-01
- Updated: 2026-02-18
Quick answers
What is security-review?
Use when reviewing PRs for security, auditing code changes, or analyzing potential vulnerabilities. Security-focused code review with attack surface mapping and risk classification. Triggers on: "security review", "use security mode", "audit this", "check for vulnerabilities", "is this secure", "attack surface", "threat model", "security check". Read-only mode - identifies issues but doesn't fix them. Source: mcouthon/agents.
How do I install security-review?
1. Open your terminal or command line tool (Terminal, iTerm, Windows Terminal, etc.).
2. Copy and run this command: npx skills add https://github.com/mcouthon/agents --skill security-review
3. Once installed, the skill will be automatically configured in your AI coding environment and ready to use in Claude Code or Cursor.
Where is the source repository?
https://github.com/mcouthon/agents
Details
- Category: Security
- Source: skills.sh
- First Seen: 2026-02-01